]>
Commit | Line | Data |
---|---|---|
12fb8c3d | 1 | /* |
6738bf14 | 2 | * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. |
12fb8c3d RS |
3 | * |
4 | * Licensed under the OpenSSL license (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #ifndef HEADER_DRBG_RAND_H | |
11 | # define HEADER_DRBG_RAND_H | |
12 | ||
8164d91d DMSP |
13 | /* In CTR mode, disable derivation function ctr_df */ |
14 | #define RAND_DRBG_FLAG_CTR_NO_DF 0x1 | |
12fb8c3d | 15 | |
c16de9d8 DMSP |
16 | /* |
17 | * Default security strength (in the sense of [NIST SP 800-90Ar1]) | |
18 | * of the default OpenSSL DRBG, and the corresponding NID. | |
19 | * | |
20 | * Currently supported values: 128, 192, 256 | |
21 | * | |
22 | * TODO(DRBG): would be nice to have the strength configurable | |
23 | */ | |
24 | # define RAND_DRBG_STRENGTH 128 | |
25 | # define RAND_DRBG_NID NID_aes_128_ctr | |
26 | ||
75e2c877 RS |
27 | /* |
28 | * Object lifetime functions. | |
29 | */ | |
30 | RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent); | |
4f9dabbf | 31 | RAND_DRBG *RAND_DRBG_secure_new(int type, unsigned int flags, RAND_DRBG *parent); |
75e2c877 RS |
32 | int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags); |
33 | int RAND_DRBG_instantiate(RAND_DRBG *drbg, | |
12fb8c3d | 34 | const unsigned char *pers, size_t perslen); |
75e2c877 RS |
35 | int RAND_DRBG_uninstantiate(RAND_DRBG *drbg); |
36 | void RAND_DRBG_free(RAND_DRBG *drbg); | |
37 | ||
38 | /* | |
39 | * Object "use" functions. | |
40 | */ | |
41 | int RAND_DRBG_reseed(RAND_DRBG *drbg, | |
42 | const unsigned char *adin, size_t adinlen); | |
43 | int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen, | |
12fb8c3d RS |
44 | int prediction_resistance, |
45 | const unsigned char *adin, size_t adinlen); | |
20928ff6 KR |
46 | int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen); |
47 | ||
a93ba405 | 48 | int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval); |
08a65d96 | 49 | int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, time_t interval); |
a93ba405 | 50 | |
3ce1c27b DMSP |
51 | int RAND_DRBG_lock(RAND_DRBG *drbg); |
52 | int RAND_DRBG_unlock(RAND_DRBG *drbg); | |
53 | int RAND_DRBG_enable_locking(RAND_DRBG *drbg); | |
54 | ||
a93ba405 DMSP |
55 | RAND_DRBG *RAND_DRBG_get0_master(void); |
56 | RAND_DRBG *RAND_DRBG_get0_public(void); | |
57 | RAND_DRBG *RAND_DRBG_get0_private(void); | |
75e2c877 RS |
58 | |
59 | /* | |
60 | * EXDATA | |
61 | */ | |
62 | #define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \ | |
63 | CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, l, p, newf, dupf, freef) | |
64 | int RAND_DRBG_set_ex_data(RAND_DRBG *dctx, int idx, void *arg); | |
65 | void *RAND_DRBG_get_ex_data(const RAND_DRBG *dctx, int idx); | |
12fb8c3d | 66 | |
75e2c877 RS |
67 | /* |
68 | * Callback functions. See comments in drbg_lib.c | |
69 | */ | |
70 | typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *ctx, | |
71 | unsigned char **pout, | |
16960a9b BK |
72 | int entropy, size_t min_len, |
73 | size_t max_len); | |
75e2c877 | 74 | typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx, |
6969a3f4 | 75 | unsigned char *out, size_t outlen); |
75e2c877 | 76 | typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *ctx, unsigned char **pout, |
16960a9b BK |
77 | int entropy, size_t min_len, |
78 | size_t max_len); | |
6969a3f4 DMSP |
79 | typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *ctx, |
80 | unsigned char *out, size_t outlen); | |
16960a9b | 81 | |
75e2c877 | 82 | int RAND_DRBG_set_callbacks(RAND_DRBG *dctx, |
16960a9b BK |
83 | RAND_DRBG_get_entropy_fn get_entropy, |
84 | RAND_DRBG_cleanup_entropy_fn cleanup_entropy, | |
85 | RAND_DRBG_get_nonce_fn get_nonce, | |
86 | RAND_DRBG_cleanup_nonce_fn cleanup_nonce); | |
12fb8c3d | 87 | |
c16de9d8 DMSP |
88 | /* |
89 | * RAND_POOL functions | |
90 | */ | |
91 | RAND_POOL *RAND_POOL_new(int entropy_requested, size_t min_len, size_t max_len); | |
92 | void RAND_POOL_free(RAND_POOL *pool); | |
93 | ||
94 | const unsigned char *RAND_POOL_buffer(RAND_POOL *pool); | |
95 | unsigned char *RAND_POOL_detach(RAND_POOL *pool); | |
96 | ||
97 | size_t RAND_POOL_entropy(RAND_POOL *pool); | |
98 | size_t RAND_POOL_length(RAND_POOL *pool); | |
99 | ||
100 | size_t RAND_POOL_entropy_available(RAND_POOL *pool); | |
101 | size_t RAND_POOL_entropy_needed(RAND_POOL *pool); | |
102 | size_t RAND_POOL_bytes_needed(RAND_POOL *pool, unsigned int entropy_per_byte); | |
103 | size_t RAND_POOL_bytes_remaining(RAND_POOL *pool); | |
104 | ||
105 | size_t RAND_POOL_add(RAND_POOL *pool, | |
106 | const unsigned char *buffer, size_t len, size_t entropy); | |
107 | unsigned char *RAND_POOL_add_begin(RAND_POOL *pool, size_t len); | |
108 | size_t RAND_POOL_add_end(RAND_POOL *pool, size_t len, size_t entropy); | |
109 | ||
110 | ||
111 | /* | |
112 | * Add random bytes to the pool to acquire requested amount of entropy | |
113 | * | |
114 | * This function is platform specific and tries to acquire the requested | |
115 | * amount of entropy by polling platform specific entropy sources. | |
116 | * | |
117 | * If the function succeeds in acquiring at least |entropy_requested| bits | |
118 | * of entropy, the total entropy count is returned. If it fails, it returns | |
119 | * an entropy count of 0. | |
120 | */ | |
121 | size_t RAND_POOL_acquire_entropy(RAND_POOL *pool); | |
12fb8c3d | 122 | #endif |